Sixty-nine percent of respondents said they are confident their company's security activities are effective; however, according to PwC, they may not realize that assurance has dropped considerably since 2008, when 83 percent of respondents expressed confidence in their security program. PwC suggests that executives adopt a new way of thinking in order to achieve effective security, such as implementing risk-assessment strategies and aligning security investments with identified risks as well as embracing that information security is both a means to protect data and an opportunity to create value.
Among key findings, PwC found that companies are mostly influenced by economic conditions, rather than the business value of good information security, when determining security budgets. Furthermore, R&C companies are struggling to keep pace with the adoption of cloud computing, social networking, mobility and the use of employee-owned devices, failing to incorporate these into their security policies.
Other findings include:
Forty percent of respondents expect security budgets to increase in the year ahead, down sharply from 51 percent in 2010.
Seventy-two percent of respondents say their business has an information security strategy in place, up from 61 percent in 2011, and 47 percent have implemented a business continuity / disaster recovery plan this year.
Thirty-one percent of respondents say their organization plans to implement an enterprise social networking program for employee communication and collaboration, while 25 percent say enterprise social networking is already in place.
Fifty-six percent of respondents say they are prepared to protect sensitive data in the cloud or other third-party environments, while their biggest concerns are ensuring compliance with data security regulations, limitation of liability, and a reduced ability to negotiate and enforce data protection.
Eighty percent of respondents say protecting customer and employee data is important, but only 28 percent say they have an accurate inventory of the stored data.
Timely, incisive articles delivered directly to your inbox.